Should we protect embedded Linux devices?

Can Linux-based embedded systems be considered secure by default or do they require additional protection?

Protecting Linux embedded devices

All sorts of embedded solutions running on Linux-based operating systems are growing in popularity. Large companies around the world, such as Banco do Brasil, are already using embedded systems working under the penguin banner, and specialized exhibitions are flooded with familiar types of interactive equipment under its control. For companies, their implementation promises certain benefits (not least the reduced cost of OS licenses). But it raises a legitimate question for information security teams: do we protect these devices, and if so, how?

Among IT experts (including cybersecurity gurus) the opinion still lingers that Linux is virus-free, that the system is secure by design, and that additional protection is therefore not required. Twenty years ago, sure. But these days that’s a dangerous misconception. Here’s why.

Linux malware: the real state of affairs

Back in the days when Linux was a hobby-horse for enthusiasts and an operating system for servers, cybercriminals did indeed largely ignore it. But with the rising popularity of Linux systems, including operating systems for embedded devices, this situation has changed drastically. Aware that more and more banks, medical institutions, retailers and other large companies are starting to use Linux-based embedded solutions, cybercriminals have been exploring ways to attack them. For example, a pretty potent piece of Linux malware used in attacks on the Latin American financial sector made the news just last year.

APT attacks on Linux systems

Another scenario is when attackers leverage Linux-based systems as a foothold into a corporate perimeter. The IT team might not think to protect the information kiosk, which contains no data of value. However, cybercriminals often need a way inside the corporate perimeter in order to launch an APT attack, and an unprotected embedded device is just the ticket. A payment terminal installed in a place accessible to the public, or a cash register with an internet connection in a supermarket hall, may well serve as an entry point for a sophisticated attack.

Specialized security solutions

Additionally, some specialists don’t rush to protect Linux-based embedded systems because they don’t trust the capabilities of security solutions. Sometimes they think that some of the features are simply of no use to embedded devices. Why would an ATM need anti-phishing protection, for example, if nobody will open websites or access e-mail there? On the other hand, there are usually no guarantees that basic security solutions for Linux can handle the specifics of embedded devices.

With the release of the specialized application, Kaspersky Embedded Systems Security for Linux, as part of our Kaspersky Embedded Systems Security solution, we aim to address this very issue. It is designed, optimized and tested specifically for Linux-based embedded devices. It guarantees safe device operation, without burdening the OS with unnecessary processes. At the same time, the application can be integrated with SIEM systems and managed both through the command line and from a single unified management console, along with other Kaspersky solutions. You can learn more about Kaspersky Embedded Systems Security here.
